The modern communications era has brought about a tremendous expansion of wireline and wireless networks. Computer networks, television networks, and telephony networks are experiencing an unprecedented technological expansion, fueled by consumer demand. Wireless and mobile networking technologies have addressed related consumer demands, while providing more flexibility and immediacy of information transfer.
Current and future networking technologies continue to facilitate ease of information transfer and convenience to users. Due to the now ubiquitous nature of electronic communication devices, people of all ages and education levels are utilizing electronic devices to communicate with other individuals or contacts, receive services and/or share information, media and other content. One area in which there is a demand to increase ease of information transfer relates to the delivery of services to communication devices. The services may be in the form of a particular application or algorithm to facilitate functionality of the communication devices. Some of the algorithms being utilized by the communication devices may be cryptographic algorithms providing security for usage of the algorithms.
At present, many machines and devices utilize machine type communication. Some of these machines and devices (for example, sensors, actuators, and meters) may be unattended by users and may not facilitate user interaction. Machine type communication may allow machines and devices to function with a long lifespan. For example, many metering devices are expected to be active for more than twenty years. This long lifespan may pose some problems pertaining to the security of algorithms of the communication devices. For instance, at present it is difficult to remove weak algorithms from being utilized by deployed devices and this issue is usually tackled by phasing out, where new devices only have stronger algorithms and no longer the weak ones and then by natural replacement the device population shifts towards the newer algorithms (for mobile devices typical replacement cycles are 2-3 years). The weak algorithms may be unsecure algorithms that may be targeted for attack. In many instances, the lifespan of devices are much longer than the algorithms are able to securely support. The inability to sufficiently secure algorithms over long lifespans of devices may be due to advances in technology over time that may enable more computing computation for brute force attacks. In addition, due to advances in technology over time, the encryption keys associated with cryptographic algorithms may not be strong enough to prevent hackers from breaching the security of the algorithms.
Currently, some existing solutions consist of including two or more algorithms onto a device, such that if one of the algorithms is determined to be weak, there is another algorithm to utilize as a backup algorithm. At present, this approach is oftentimes unsuccessful since the weak algorithm may not be permanently disabled.
When a weak algorithm is still available, a system may be susceptible to a “bidding down attack” in which an attacker posing as a network node may indicate that it only supports a weak algorithm (for example, an unsecure algorithm) in which case the device may comply and utilize the weak algorithm which may result in a security breach.